Skip to main content
Back to insights

GDPR and email marketing - The data auditing essentials

June 29 - 2020

GDPR and Email Marketing Data 5 min read

5ec3d4a04d452c914a937f3c 41

So where do we start when it comes to GDPR?

First and foremost, it's important not to be scared by the changes to the legislation. In fact, as marketers, it's something we should welcome as it brings more clarity as to what we can and can't do with data.

You'll have a more engaged database (which means increased conversion rates), you'll spend less on the volume of emails you send and this is the perfect opportunity to ensure your database is fresh.

The first step in doing this is to audit all of the data you hold on the subscribers to your email marketing lists. This means finding out where it's stored, where it came from, what you use it for and how you use it. Whether that's sign ups from your website, transactions from your ecommerce store or email addresses you've collected at a trade show, make sure you know what you've got and where it came from.

Here's some guidance to help you:

What data do you hold?

This will vary hugely from business to business. It might be you only hold an email address or, equally, you might have detailed profiles for each of your contacts. When you audit your data, make sure you know what data you hold, why you have that data and why you use it.

Where does this data come from?

You should also know where each subscriber to your list comes from and when they joined. Have they signed up through your website? Are they a customer? Did they enter a competition you were running? Did they give you a business card at a trade show or networking event? It's important you map out every source of your data - and if you're following best practice guidelines for email marketing you will know this already.

How often do you send emails to your database?

Again, for best practice, you should know how frequently you send emails and who they are being sent to.

How engaged is your database?

An engaged subscriber is someone who is opening or clicking on your emails, although as a rule of thumb, subscribers who click on links in your emails are more engaged than those who just open them. As best practice, you shouldn't be sending emails to people who aren't engaging with you, that's why at Jarrang we often only send to an 'engaged' segment - for example to someone who has opened or clicked on an email in a 12 month period. How this engagement segment is defined will vary from business to business.

For example, if a hotel had a guest two years ago and they stayed once, and their email data was collected legitimately for email marketing purposes and they have been sending to them regularly in that time, but they haven't opened a single email, they should probably delete them from their database. The same goes for data they collected over two years ago who haven't been sent a single email - there's no way a regular sending pattern can be proved, let alone engagement, and the chances are they won't be interested anyway.

Ben Travers, Head of IP and IT at Stephens Scown, adds:

"There is no set time frame under GDPR for removing a contact from your database. Once you have carried out a data audit you can then decide on a series of compliant policies relating to how long you hold customer Personally Identifiable Information (PII). To arrive at this you can look at the transactional history of current customers and measure their purchasing lifecycle. This fits into something called the Privacy by Design concept and the need under GDPR for accurate records of processing."

How do you manage your lists, including unsubscribes and bounces?

We've worked with hundreds of business and have seen it all when it comes to list management. Typically, businesses tend to have multiple lists in many different places. You need to know how these lists are managed and how you manage your unsubscribes and bounces in order to be compliant with GDPR. Again, if you already follow best practice guidelines, you should already be doing this.

In summary...

  • Carry out an audit on all your data
  • Gather all your different 'pots' of data into one place
  • Establish what data you have an where it comes from
  • Confirm the engagement rates of your database
  • Have a plan in place for cleaning your data and updating your privacy policies

In Part 2 we will answering the question: "Can we carry on sending emails to our existing database?"

Subscribe to our insights newsletter

Be the first to hear about what’s hot in e-marketing and straight to your inbox.

Share this story

Related insights

Managed email marketing agency jarrang services reporting quote

Article 5 min read

Choosing The Right Email Marketing Software

Read post
Easter seasonal marketing

How Not To Do Seasonal Holiday Email Campaigns

Read post
Reporting emails

Understanding & Improving Deliverability In Email Marketing

Read post
View all insights